FreeBSD is prone to a denial-of-service vulnerability.
Attackers can exploit this issue to cause the application to enter an infinite loop which may cause denial-of-service.
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
| Bugtraq ID: | 103666 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | CVE-2018-6918 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 04 2018 12:00AM |
| Updated: | Apr 04 2018 12:00AM |
| Credit: | Maxime Villard |
| Vulnerable: | FreeBSD Freebsd 11.1-RELEASE-p7 FreeBSD Freebsd 11.1-RELEASE-p4 FreeBSD Freebsd 11.1 FreeBSD Freebsd 10.4-RELEASE-p6 FreeBSD Freebsd 10.4-RELEASE-p3 FreeBSD Freebsd 10.4 FreeBSD Freebsd 10.3-RELEASE-p5 FreeBSD Freebsd 10.3-RELEASE-p4 FreeBSD Freebsd 10.3-RELEASE-p3 FreeBSD Freebsd 10.3-RELEASE-p27 FreeBSD Freebsd 10.3-RELEASE-p24 FreeBSD Freebsd 10.3-RELEASE-p20 FreeBSD Freebsd 10.3-RELEASE-p2 FreeBSD Freebsd 10.3-RELEASE-p19 FreeBSD Freebsd 10.3-RELEASE-p15 FreeBSD Freebsd 10.3-RELEASE-p13 FreeBSD Freebsd 10.3-RELEASE-p1 FreeBSD Freebsd 10.3 |
| Not Vulnerable: | FreeBSD Freebsd 11.1-STABLE FreeBSD Freebsd 11.1-RELEASE-p9 FreeBSD Freebsd 10.4-STABLE FreeBSD Freebsd 10.4-RELEASE-p8 FreeBSD Freebsd 10.3-RELEASE-p29 |
References:
- FreeBSD Homepage (FreeBSD)
- FreeBSD-SA-18:05.ipsec: ipsec crash or denial of service (FreeBSD)
from SecurityFocus Vulnerabilities http://bit.ly/2JT9DQq
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.